The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
Lisa McArthur, Head of Conduct, Compliance & Operational Risk Standards and Capability, Lloyds Banking Group
What is the importance of conducting behaviour and culture assessments?
To answer this, it’s helpful to start by differentiating between ‘behaviour’ and ‘culture’:
There are various reasons that behaviour and culture assessments should be a key consideration in how we manage our businesses. Here are just a few:
Why is it difficult to assess behaviour and culture of your employees?
For me there are two broad reasons.
There’s a full spectrum of approaches ranging from light touch desktop exercises through to detailed behavioural diagnostics. I’ve found a blended approach, using a range of different assessments, to be the most insightful and value-adding.
Behaviours and culture are influenced by internal and external factors on an ongoing basis. Here are a couple of examples which may resonate with you:
What does a healthy risk culture look like, and how can this be embedded?
A good example of a healthy organizational culture is where the behaviours and values of the people and the organization are aligned to achieve its strategic goals … in other words, everyone is pulling in the same direction. Diversification of your workforce to reflect your customer base plays a massive part in helping achieve this.
Looking specifically at risk culture / risk mindset, this is a sub-set of organizational culture. I’d describe a healthy risk mindset as one where employees:
Once you’re clear on risk mindset outcomes for your organization, such as the ones above, these can be embedded through:
What is a risk culture dashboard, and how can institutions build their own?
A risk culture dashboard is a suite of metrics that provides information and insight on how well risk is understood, identified, assessed and managed within the organization.
First step in building a dashboard is to determine the types of risks that are key to the organization.
Next, consider what needs to be measured to understand the behaviours, values and beliefs behind these risk types. Here are just a few measurement examples to bring this to life:
Once the metrics are determined it’s a matter of operationalising the production and analysis of the data on a regular basis to derive value-adding insight on performance and trends over time.
Also look for interrelationships between the metrics e.g., if there is a deterioration in metric X and this creates a deterioration in metric Y. Identifying these connections helps to deepen your understanding of how your risk culture pieces together and what’s influencing any shifts.
How can behaviour assessments be implemented?
Start by considering how in-depth you want the behaviour assessment to be. Remember, the approaches range from lighter touch to more comprehensive. To help you decide, be clear on the benefits and the limitations of different approaches.
If you have the scope to do so, it’s worth considering how you can combine different approaches to build a comprehensive view of your organization’s risk culture and the behaviours underpinning it e.g.
And remember, actions to transform behaviours and risk mindset do take time and effort to embed. It takes patience … and data. The deeper the insight you have on your organization’s culture and behaviours, the easier it is to see which levers you should pull to achieve desired and sustainable risk mindset shifts.
Lisa will be speaking at our upcoming New Generation Operational Risk Europe Summit.